AMR CyberSecurity – Part of Infinum has been approved as a Certification Body for Defence Cyber Certification (DCC) Levels 2 and 3, completing coverage across the full DCC range and making AMR one of a limited number of organisations authorised to certify at every level of the scheme.
DCC was developed by the UK Ministry of Defence (MoD) to raise the standard of cyber security across its supply chain.
As defence contracts increasingly involve interconnected systems and sensitive data, the MoD needed a structured way to assess whether suppliers – at every tier – could actually be trusted with that responsibility.
The framework spans four levels, each calibrated to the cyber risk profile of specific contracts. Levels 2 and 3 carry higher expectations around governance, technical controls, and independent assurance, which is where most certification bodies stop.
AMR CyberSecurity – Part of Infinum, is now approved across all four.
In practice, that means the ability to assess organisations across the entire defence supply chain: from lower-risk suppliers to those operating in high-stakes, complex defence environments.
With approval spanning all four DCC levels, AMR CyberSecurity can now certify organisations at every point in the defence supply chain, from routine suppliers to those handling the most sensitive defence information and systems.
“Being approved as a Certification Body for Defence Cyber Certification across all levels is an important milestone for us,” said Martin Walsham, Director of CyberSecurity at AMR CyberSecurity – Part of Infinum.
DCC provides a clear and structured framework for cyber security within the defence supply chain and our approval to deliver the certification reflects the standards we apply in our own operations, as well as the experience we bring to supporting organisations.
MARTIN WALSHAM, DIRECTOR OF CYBERSECURITY, AMR CYBERSECURITY – PART OF INFINUM
As the MoD continues rolling out the DCC scheme, the number of bodies approved to certify at the higher levels remains small. The requirements at Levels 2 and 3 are significantly more extensive – and meeting them as a Certification Body demands the same rigour AMR applies when working with clients.
“With defence systems and supply chains increasingly interconnected, structured cyber assurance is essential for operational resilience and trusted delivery,” added Walsham.
As a Certification Body, we are proud to be helping to provide a consistent benchmark for cyber security maturity that will improve confidence in suppliers handling defence information and systems.”
MARTIN WALSHAM, DIRECTOR OF CYBERSECURITY, AMR CYBERSECURITY – PART OF INFINUM
IASME Consortium acts as the Certifying Authority for DCC. AMR’s approval was granted across all levels currently defined within the scheme.
Working on DCC compliance or assessing your position in the defence supply chain? Contact us to find out how we can support you.